Linux command
pam_filter 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Run a filter
auth required pam_filter.so run1 /path/to/filter
Run a filter
session required pam_filter.so debug run1 /path/to/filter
Run a filter
session required pam_filter.so new_term run1 /path/to/filter
说明
pam_filter is a PAM module intended to be a platform for providing access to all of the input/output that passes between the user and the application. It is only suitable for tty-based and stdin/stdout applications. The filter is always called with the filter as argv0, followed by the connection type and the PAM service type. All module types (auth, account, password, and session) are provided.
参数
- debug
- Print debug information to syslog.
- new_term
- Set PAM_TTY to the filtered pseudo-terminal. The default action is to set PAM_TTY to indicate the terminal the user is using to connect.
- non_term
- Do not try to set the PAM_TTY item.
- run1 _FILTER_
- Run the filter at the first stage. For auth: pam_authenticate. For session: pam_open_session. For password: PAM_PRELIM_CHECK phase.
- run2 _FILTER_
- Run the filter at the second stage. For auth: pam_setcred. For session: pam_close_session. For password: PAM_UPDATE_AUTHTOK phase.
FAQ
What is the pam_filter command used for?
pam_filter is a PAM module intended to be a platform for providing access to all of the input/output that passes between the user and the application. It is only suitable for tty-based and stdin/stdout applications. The filter is always called with the filter as argv0, followed by the connection type and the PAM service type. All module types (auth, account, password, and session) are provided.
How do I run a basic pam_filter example?
Run `auth required pam_filter.so run1 /path/to/filter` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does debug do in pam_filter?
Print debug information to syslog.